Synopsis: Important: ghostscript security and bug fix update
Advisory ID: SLSA-2018:3834-1
Issue Date: 2018-12-17
CVE Numbers: CVE-2018-15911
CVE-2018-16541
CVE-2018-16802
CVE-2018-17183
CVE-2018-17961
CVE-2018-18073
CVE-2018-18284
CVE-2018-19409
CVE-2018-19134
--
Security Fix(es):
* ghostscript: Incorrect free logic in pagedevice replacement (699664)
(CVE-2018-16541)
* ghostscript: Incorrect "restoration of privilege" checking when running
out of stack during exception handling (CVE-2018-16802)
* ghostscript: User-writable error exception table (CVE-2018-17183)
* ghostscript: Saved execution stacks can leak operator arrays (incomplete
fix for CVE-2018-17183) (CVE-2018-17961)
* ghostscript: Saved execution stacks can leak operator arrays
(CVE-2018-18073)
* ghostscript: 1Policy operator allows a sandbox protection bypass
(CVE-2018-18284)
* ghostscript: Type confusion in setpattern (700141) (CVE-2018-19134)
* ghostscript: Improperly implemented security check in zsetdevice
function in psi/zdevice.c (CVE-2018-19409)
* ghostscript: Uninitialized memory access in the aesdecode operator
(699665) (CVE-2018-15911)
Bug Fix(es):
* It has been found that ghostscript-9.07-31.el7_6.1 introduced regression
during the handling of shading objects, causing a "Dropping incorrect
smooth shading object" warning. With this update, the regression has been
fixed and the described problem no longer occurs.
--
SL7
x86_64
ghostscript-9.07-31.el7_6.6.i686.rpm
ghostscript-9.07-31.el7_6.6.x86_64.rpm
ghostscript-cups-9.07-31.el7_6.6.x86_64.rpm
ghostscript-debuginfo-9.07-31.el7_6.6.i686.rpm
ghostscript-debuginfo-9.07-31.el7_6.6.x86_64.rpm
ghostscript-devel-9.07-31.el7_6.6.i686.rpm
ghostscript-devel-9.07-31.el7_6.6.x86_64.rpm
ghostscript-gtk-9.07-31.el7_6.6.x86_64.rpm
ghostscript-9.07-31.el7_6.6.src.rpm
noarch
ghostscript-doc-9.07-31.el7_6.6.noarch.rpm
- Scientific Linux Development Team